AGENCY:

Department of Veterans Affairs (VA), Veterans Health Administration (VHA).

ACTION:

Notice of a modified system of records.

SUMMARY:

Pursuant to the Privacy Act of 1974, notice is hereby given that the VA is modifying the system of records entitled, “Veteran Child Care Programs—VA” (169VA10NC). This system is used to assist VA in assessing whether it should and can feasibly assist qualified Veterans who need childcare to receive health care services.

DATES:

Comments on this amended system of records must be received no later than 30 days after date of publication in the Federal Register . If no public comment is received during the period allowed for comment or unless otherwise published in the Federal Register by the VA, the modified system of records will become effective a minimum of 30 days after date of publication in the Federal Register . If VA receives public comments, VA shall review the comments to determine whether any changes to the notice are necessary.

ADDRESSES:

Comments may be submitted through www.Regulations.gov or mailed to VA Privacy Service, 810 Vermont Avenue NW, (005X6F), Washington, DC 20420. Comments should indicate that they are submitted in response to “Veteran Child Care Programs—VA” (169VA10NC). Comments received will be available at regulations.gov for public viewing, inspection or copies.

FOR FURTHER INFORMATION CONTACT:

Stephania Griffin, VHA Chief Privacy Officer, Department of Veterans Affairs, 810 Vermont Avenue NW, Washington, DC 20420; telephone (704) 245–2492 (Note: this is not a toll-free number).

SUPPLEMENTARY INFORMATION:

VA is amending the system of records by revising the System Number, System Location, System Manager, Purpose, Categories of Records, Records Source Categories, Routine Uses of Records Maintained in the System, Policies and Practices for Retention and Disposal of Records, and Policies and Practices for Retrieval of Records. VA is republishing the system notice in its entirety.

The System Number is being updated from 169VA10NC to 169VA10 to reflect the current VHA organizational routing symbol. The System Location is being updated to include information on where to find address locations for VA facilities.

The Purpose is being updated to reflect that the records are used to provide appropriate childcare services to children in the program and to clarify that research includes quality improvement activities. The Purpose is also being updated to remove reference to ordering and delivery of equipment.

The System Manager is being updated to replace ADUSH for Clinical Operations, with Deputy Assistant Under Secretary for Health for Operations.

The Categories of Records in the System is being updated to delete reference to the collection of Social Security Numbers as this information is not being captured.

The Records Source Categories is being updated to include parent/guardian. Routine use number 13 is being added to state, “Data Breach Response and Remediation, for VA: To appropriate agencies, entities and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records; (2) VA has determined that as a result of the suspected or confirmed breach there is a risk to individuals, VA (including its information systems, programs and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities or persons is reasonably necessary to assist in connection with VA efforts to respond to the suspected or confirmed breach or to prevent, minimize or remedy such harm.”

Policies and Practices for Retrieval of Records is being updated to remove the Social Security Number.

Policies and Practices for Retention and Disposal of Records is being updated to include VA Records Control Schedule (RCS) 10–1, Item Numbers 3075.1 and 3075.12.

The Report of Intent to Amend a System of Records Notice and an advance copy of the system notice have been sent to the appropriate Congressional committees and to the Director of the Office of Management and Budget (OMB) as required by 5 U.S.C. 552a(r) (Privacy Act) and guidelines issued by OMB (65 FR 77677), December 12, 2000.

Signing Authority

The Senior Agency Official for Privacy, or designee, approved this document and authorized the undersigned to sign and submit the document to the Office of the Federal Register for publication electronically as an official document of the Department of Veterans Affairs. Kurt D. DelBene, Assistant Secretary for Information and Technology and Chief Information Officer, approved this document on September 28, 2023 for publication.

SYSTEM NAME:

“Veteran Child Care Programs—VA” (169VA10).

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Records are located at each Department of Veterans Affairs (VA) health care facility where the childcare program is in place (in most cases, backup information is stored at off-site locations). Address locations for VA facilities are listed in Appendix 1 of the biennial publication of the VA Privacy Act Issuances. Subsidiary record information is maintained by individuals, organizations and/or agencies with whom VA has a contract or agreement to perform such services, as VA may deem practicable.

SYSTEM MANAGER(S):

Official responsible for policies and procedures: Deputy Assistant Under Secretary for Health for Operations, Department of Veterans Affairs, 810 Vermont Avenue NW, Washington, DC 20420. Telephone 202–461–7064 (this is not a toll-free number).

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

38 U.S.C. 501.

PURPOSE(S) OF THE SYSTEM:

These records are used to provide appropriate childcare services to the children in the program; for statistical analysis to produce various management, workload tracking, and follow-up reports; for determining entitlement and eligibility for VA benefits; for quality assurance audits and reviews; to track and evaluate services for the planning, distribution and utilization of resources; and personnel management and evaluation. The data may be used for VA's extensive research programs, including quality improvement activities, in accordance with VA policy. Start Printed Page 77146

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

These records include information on children who receive childcare and the children's parents and/or guardians who are receiving treatment at VA.

CATEGORIES OF RECORDS IN THE SYSTEM:

The category of records in the system include: (1) Identifying information for child ( e.g., name, birth date, age, telephone number); (2) child's primary care physician name and contact information; and (3) emergency contact information for parent/guardian ( e.g., name of parent/guardian, address, relationship, telephone number, alternate contact person).

RECORD SOURCE CATEGORIES:

Information in this system of records may be provided by the Veteran, parent/guardian of the child or family members.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Law Enforcement: To a Federal, state, local, territorial, tribal or foreign law enforcement authority or other appropriate entity charged with the responsibility of investigating or prosecuting a violation or potential violation of law, whether civil, criminal or regulatory in nature, or charged with enforcing or implementing such law, provided that the disclosure is limited to information that, either alone or in conjunction with other information, indicates such a violation or potential violation. The disclosure of the names and addresses of Veterans and their dependents from VA records under this routine use must also comply with the provisions of 38 U.S.C. 5701.

2. Disease Tracking, Patient Outcomes, Other Health Information Required for Program Accountability: To another Federal agency or the District of Columbia's government in response to its request or at the initiation of VA, in connection with disease tracking, patient outcomes or other health information required for program accountability.

3. Congress: To a Member of Congress or staff acting upon the Member's behalf when the Member or staff requests the information on behalf of, and at the request of, the parent/guardian of the child who is the subject of the record.

4. National Archives and Records Administration (NARA): To the NARA in records management inspections conducted under 44 U.S.C. 2904 and 2906, or other functions authorized by laws and policies governing NARA operations and VA records management responsibilities.

5. Department of Justice (DoJ), Litigation, Administrative Proceeding: To the DoJ, or in a proceeding before a court, adjudicative body or other administrative body before which VA is authorized to appear, when:

(a) VA or any component thereof;

(b) Any VA employee in his or her official capacity;

(c) Any VA employee in his or her individual capacity where DoJ has agreed to represent the employee; or

(d) The United States, where VA determines that litigation is likely to affect the agency or any of its components, is a party to such proceedings or has an interest in such proceedings, and VA determines that use of such records is relevant and necessary to the proceedings.

6. Equal Employment Opportunity Commission (EEOC): To the EEOC in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs, or other functions of the Commission as authorized by law.

7. Contractors: To contractors, grantees, experts, consultants, students, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for VA, when reasonably necessary to accomplish an agency function related to the records.

8. Federal Agencies, Fraud and Abuse: To other Federal agencies to assist such agencies in preventing and detecting possible fraud or abuse by individuals in their operations and programs.

9. Data Breach Response and Remediation, for Another Federal Agency: To another Federal agency or Federal entity, when VA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

10. Family, Partner, for Notification of a Child's Status: To the extent necessary, on a need-to-know basis, and consistent with good ethical practices, to family members or persons with whom the child has a meaningful relationship.

11. Federal Labor Relations Authority (FLRA): To the FLRA in connection with the investigation and resolution of allegations of unfair labor practices, the resolution of exceptions to arbitration awards when a question of material fact is raised, matters before the Federal Service Impasses Panel, and the investigation of representation petitions and the conduct or supervision of representation elections.

12. Merit Systems Protection Board (MSPB): To the MSPB in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices, and such other functions promulgated in 5 U.S.C. 1205 and 1206, or as otherwise authorized by law.

13. Data Breach Response and Remediation, for VA: To appropriate agencies, entities and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records; (2) VA has determined that as a result of the suspected or confirmed breach there is a risk to individuals, VA (including its information systems, programs and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities or persons is reasonably necessary to assist in connection with VA efforts to respond to the suspected or confirmed breach or to prevent, minimize or remedy such harm.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records are currently maintained on paper, microfilm, electronic media including images and scanned documents, or laser optical media in the consolidated health record at the health care facility where care was rendered.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records are retrieved by name or other assigned identifiers of the Veteran receiving VA services associated with the childcare episode.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Records in this system are retained and disposed of in accordance with the schedule approved by the Archivist, VA Records Control Schedule (RCS) 10–1, Item Numbers 3075.1 and 3075.12.

ADMINISTRATIVE, TECHNICAL AND PHYSICAL SAFEGUARDS:

1. Access to and use of national administrative databases, warehouses and data marts are limited to those Start Printed Page 77147 persons whose official duties require such access, and VA has established security procedures to ensure that access is appropriately limited. Information security officers and system data stewards review and authorize data access requests. VA regulates data access with security software that authenticates users and requires individually unique codes and passwords. VA provides information security training to all staff and instructs staff on the responsibility each person has for safeguarding data confidentiality.

2. Physical access to computer rooms housing national administrative databases, warehouses and data marts is restricted to authorized staff and protected by a variety of security devices. Unauthorized employees, contractors and other staff are not allowed in computer rooms. The Federal Protective Service or other security personnel provide physical security for the buildings housing computer rooms and data centers.

3. Data transmissions between operational systems and national administrative databases, warehouses and data marts maintained by this system of record are protected by state-of-the-art telecommunication software and hardware. This may include firewalls, intrusion detection devices, encryption and other security measures necessary to safeguard data as it travels across the VA Wide Area Network.

4. In most cases, copies of back-up computer files are maintained at off-site locations.

5. VA maintains Business Associate Agreements and Non-Disclosure Agreements where appropriate with contracted resources in order to maintain confidentiality of the information.

RECORD ACCESS PROCEDURE:

Individuals seeking information on the existence and content of records in this system pertaining to where the child participated in the childcare program should contact the system manager in writing as indicated above. A request for access to records must contain the Veteran or primary caretaker's full name, address, telephone number, be signed by the requester, and describe the records sought in sufficient detail to enable VA personnel to locate them with a reasonable amount of effort.

CONTESTING RECORD PROCEDURES:

Individuals seeking to contest or amend records in this system pertaining to them or their children should contact the system manager in writing as indicated above. A request to contest or amend records must state clearly and concisely what record is being contested, the reasons for contesting it, and the proposed amendment to the record.

NOTIFICATION PROCEDURE:

Generalized notice is provided by the publication of this notice. For specific notice, see Record Access Procedure, above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

77 FR 56914 (September 14, 2012).